Hier die Logs:
Extras.txt: Code:
OTL Extras logfile created on: 13.01.2013 21:58:02 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Micha\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,49 Gb Available Physical Memory | 49,62% Memory free
6,00 Gb Paging File | 4,34 Gb Available in Paging File | 72,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 95,74 Gb Free Space | 64,24% Space Free | Partition Type: NTFS
Drive D: | 137,33 Gb Total Space | 67,46 Gb Free Space | 49,12% Space Free | Partition Type: NTFS
Computer Name: MICHA-PC | User Name: Micha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2346782842-2880189148-1154082226-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{128B61E5-B469-4090-85E4-11CF89AC50C8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{166EAC20-A98A-43F2-A05C-47C4C9770DF8}" = rport=139 | protocol=6 | dir=out | app=system |
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{19E8810C-8F1D-49CE-B408-63D037A0B4EA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{225DF82A-6DA8-4CC0-BA2D-52E49744015D}" = rport=138 | protocol=17 | dir=out | app=system |
"{22AD5D30-848E-43AD-8EB2-E165BDB01BFE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{44883AC5-AAA9-4234-B043-0C4034BBC602}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{484CC0EE-B2D6-4E86-AA9F-ECD678438F51}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4C83E9DD-C10D-4100-A3E2-F3C7D80B5C17}" = lport=138 | protocol=17 | dir=in | app=system |
"{4DB27F02-8C39-42F8-8FE7-4E5623895409}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{5FDB2EFD-69F1-4A7C-90BC-A4B329220177}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{7D02539A-FA4A-4A22-A716-54499665DEC2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{83104DB9-A742-45AA-B1CA-0DC3D09A1CB5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{877BED06-E356-4CE4-81E3-4EE04804A521}" = lport=137 | protocol=17 | dir=in | app=system |
"{8D7AF6C9-A3B9-4828-A544-ED864DF6C18A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{983B25F3-6D3C-4810-B6C7-32136519F446}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{99C945F1-6E96-42BE-9302-8A69D0439094}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9B9B3581-27B3-4F27-9ECE-AC9FF546BCE2}" = lport=139 | protocol=6 | dir=in | app=system |
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B03335A9-C3B2-48D4-B31B-A5D49F778D22}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B9DB0ACD-18D4-41AD-9513-E90281E2FF3D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C6CA68A7-7538-4270-B66E-0F2C02558B82}" = lport=445 | protocol=6 | dir=in | app=system |
"{C89A1918-EEAC-4080-B282-4310114CC4AF}" = rport=445 | protocol=6 | dir=out | app=system |
"{C99410F2-B5EC-4101-A977-7C9DF5CDA2DC}" = rport=137 | protocol=17 | dir=out | app=system |
"{CCA271E1-936A-405C-92F4-95FD48CC7F8C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002563E3-45BA-46D7-BD33-48EFCE72CB89}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1FCB558B-A314-4B2F-9C31-60E5010648D8}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{1FD786E2-B640-41DC-AB73-68218DC3D695}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{241DF502-41DF-46CB-BA58-61920B50B66E}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{25DF1644-EA4F-4003-840A-78F8A9E78857}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{27FBF777-593F-4E75-A043-AF0C29C42883}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{2DF46237-19C0-41DE-AC87-605F3A3FAEBD}" = protocol=6 | dir=out | app=system |
"{30DF2C73-CBA4-48E6-B272-78F4929BB044}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{32579A0C-A5C2-4D62-8845-E05106549F13}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{34F6D8B5-1B79-46F2-83A7-8FCD9BB590D4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{59BED5CD-C943-48EC-815F-6998BF141238}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{64B1B722-3165-4B76-9C5F-DA938F3F26B6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6A9651A8-ADB9-4FE5-BF34-517E0EB5FCCC}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{76213788-DF3D-464B-90BD-3FB7F7EB6C76}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{774E7BFB-0EDD-45A8-86F9-B54ABB19DD40}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{7A97A189-6A46-4E7A-B264-08373D8E5A03}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{7F4AB55E-DC59-4CE5-96DF-9D45A58AC7E2}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{81B4BAD8-A17D-4410-BA03-A3F05F90E09D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{84DD0593-0324-4E70-8AE9-5ABA7F91E2EB}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8BE0334E-0F55-4A87-A0AC-17E1037866F4}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{944E8BE4-C6E7-46A6-BA3D-0F183BBB6E7F}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{9872DE6F-A182-4489-969C-1F15686A3594}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9D3F560D-6E11-4D44-A591-19240F7B274D}" = protocol=58 | dir=in | app=system |
"{A12503A8-E9DD-41F8-9A48-9C88912C140A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A84F3F8E-FEBF-497D-8442-7067078FED94}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{A96F7E7E-D0E0-4F76-AD28-8E65FE47AAF5}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AE060FE0-1846-4E25-844C-2A09D181350E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AFA1D8A7-836A-4B3C-BDFF-BE78F3C4A193}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B94ED569-A0DD-46B0-9FAD-9241152441A7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
"{C7E4BFB4-6209-40AB-B939-FB769159F706}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CA912AB9-D1B4-4788-A0AD-55DE106EB8A4}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CEE644D2-B53A-4AC0-BC8D-6B224DF8257D}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D73909E9-CC2C-4747-93DB-8288A43FF3C0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D8375989-209B-4865-8F57-68B38082AC39}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EB11A3E5-43EB-44B6-85DD-0A5BC8DACE68}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{EB980EDB-E501-47B2-922B-315D09807400}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F77C675C-828F-4CC9-A24C-E1DFCCB0EEBB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{071B843C-9A39-40B3-BB01-BBD6A8D2E1C5}" = lingDIALOG
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0DB06704-7DB8-43FC-BE1D-8ACFEFA85C43}" = TortoiseSVN 1.6.16.21511 (32 bit)
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}" = Shared C Run-time for x86
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{26A24AE4-039D-4CA4-87B4-2F83216018F0}" = Java(TM) 6 Update 18
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{378317B3-D201-4BC0-BEC9-9451C9ACAEED}" = Alcor Micro USB Card Reader
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4905C2C7-96CB-4DD9-A706-C427913DE5AE}" = Barbarian Invasion
"{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg Drum Loop Expansion 01
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}" = Steinberg Cubase 5
"{4D454CF8-12FD-464D-B57B-B46FE27B78BB}" = Steinberg LoopMash Content
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{532B917B-8235-4FA5-BE36-643A8BB053A5}" = Steinberg REVerence Content 01
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{842ED5C6-2530-4469-A9A0-0DCDDDA94481}_is1" = M&B Module Updater v1.0
"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{96472D82-0239-11E0-9776-199EDFD72085}" = M-Audio FastTrack Driver 6.0.6 (x86)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BCAC864-84C0-409F-8D12-364109622D18}_is1" = Europa Barbarorum 1.1
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch
"{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{AD3E68F5-D141-49C0-B002-28B48030B902}_is1" = Europa Barbarorum 1.2
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B962AD08-335F-46f7-A182-257D37672E5C}" = Native Instruments Rig Kontrol 3 Driver
"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content
"{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set
"{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}" = Steinberg HALionOne Expression Set
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart
"{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}" = Steinberg HALionOne Additional Content Set 01
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"AC3Filter" = AC3Filter (remove only)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AmUStor" = Alcor Micro USB Card Reader
"ASIO4ALL" = ASIO4ALL
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.11 (Unicode)
"CA’s Vanilla Soundmod " = CA’s Vanilla Soundmod
"CCleaner" = CCleaner
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"EB Documentation_is1" = EB Documentation 1.1
"EB Trivial Script_is1" = EB Trivial Script 0.125
"FUSSBALL MANAGER 12" = FUSSBALL MANAGER 12
"Graphical Enhancement Textures" = Graphical Enhancement Textures 2.5
"InstallShield_{071B843C-9A39-40B3-BB01-BBD6A8D2E1C5}" = lingDIALOG
"InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"Kurs 2 5.0 Italienisch" = Langenscheidt Kurs 2 5.0 Italienisch
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"McAfee Virtual Technician" = McAfee Virtual Technician
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mount&Blade" = Mount&Blade
"Mozilla Firefox 18.0 (x86 de)" = Mozilla Firefox 18.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee AntiVirus Plus
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4
"Native Instruments Rig Kontrol 3 Driver" = Native Instruments Rig Kontrol 3 Driver
"Native Instruments Service Center" = Native Instruments Service Center
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Recruitment Viewer_is1" = Recruitment Viewer 0.9
"Scourge of War - Gettysburg v1.4" = Scourge of War - Gettysburg v1.4
"SecureW2 EAP Suite" = SecureW2 EAP Suite 1.1.1 for Windows
"Softube Acoustic Feedback VST RTAS_is1" = Softube Acoustic Feedback VST RTAS v1.0.7
"Softube Bass Amp Room VST RTAS_is1" = Softube Bass Amp Room VST RTAS v1.0.2
"Softube FET Compressor VST RTAS_is1" = Softube FET Compressor VST RTAS v1.0.3
"Softube Metal Amp Room VST RTAS_is1" = Softube Metal Amp Room VST RTAS v1.1.5
"Softube Passive-Active Pack VST RTAS_is1" = Softube Passive-Active Pack VST RTAS v1.0.2
"Softube Spring Reverb VST RTAS_is1" = Softube Spring Reverb VST RTAS v1.0.4
"Softube Tube Delay VST RTAS_is1" = Softube Tube Delay VST RTAS v1.0.5
"Softube Tube-Tech CL 1B VST RTAS_is1" = Softube Tube-Tech CL 1B VST RTAS v1.0.3
"Softube Vintage Amp Room VST RTAS_is1" = Softube Vintage Amp Room VST RTAS v1.0.8
"Steam App 48700" = Mount and Blade: Warband
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"WinRAR archiver" = WinRAR
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 09.12.2012 14:00:01 | Computer Name = Micha-PC | Source = Windows Backup | ID = 4103
Description =
Error - 13.12.2012 16:41:26 | Computer Name = Micha-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mcupdmgr.exe, Version: 11.6.434.0,
Zeitstempel: 0x5050b3c5 Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.1,
Zeitstempel: 0x4d5f0c22 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00011891 ID des fehlerhaften
Prozesses: 0x16a0 Startzeit der fehlerhaften Anwendung: 0x01cdd9721d82648d Pfad der
fehlerhaften Anwendung: c:\PROGRA~1\mcafee\msc\mcupdmgr.exe Pfad des fehlerhaften
Moduls: C:\Windows\system32\MSVCR100.dll Berichtskennung: 763493fe-4565-11e2-bded-002618392f30
Error - 16.12.2012 14:00:01 | Computer Name = Micha-PC | Source = Windows Backup | ID = 4103
Description =
Error - 23.12.2012 18:30:20 | Computer Name = Micha-PC | Source = Windows Backup | ID = 4103
Description =
Error - 30.12.2012 14:00:02 | Computer Name = Micha-PC | Source = Windows Backup | ID = 4103
Description =
Error - 06.01.2013 14:00:02 | Computer Name = Micha-PC | Source = Windows Backup | ID = 4103
Description =
Error - 12.01.2013 10:42:47 | Computer Name = Micha-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 12.01.2013 10:42:47 | Computer Name = Micha-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15553
Error - 12.01.2013 10:42:47 | Computer Name = Micha-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15553
Error - 13.01.2013 14:00:01 | Computer Name = Micha-PC | Source = Windows Backup | ID = 4103
Description =
[ System Events ]
Error - 13.01.2013 12:55:21 | Computer Name = Micha-PC | Source = PNRPSvc | ID = 102
Description =
Error - 13.01.2013 12:55:21 | Computer Name = Micha-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 13.01.2013 12:55:21 | Computer Name = Micha-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 13.01.2013 12:55:28 | Computer Name = Micha-PC | Source = PNRPSvc | ID = 102
Description =
Error - 13.01.2013 12:55:28 | Computer Name = Micha-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 13.01.2013 12:55:28 | Computer Name = Micha-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 13.01.2013 12:55:32 | Computer Name = Micha-PC | Source = PNRPSvc | ID = 102
Description =
Error - 13.01.2013 12:55:32 | Computer Name = Micha-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 13.01.2013 12:55:32 | Computer Name = Micha-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 13.01.2013 14:41:42 | Computer Name = Micha-PC | Source = DCOM | ID = 10000
Description =
< End of report > Und die OTL: Code:
OTL logfile created on: 13.01.2013 21:58:02 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Micha\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,49 Gb Available Physical Memory | 49,62% Memory free
6,00 Gb Paging File | 4,34 Gb Available in Paging File | 72,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 95,74 Gb Free Space | 64,24% Space Free | Partition Type: NTFS
Drive D: | 137,33 Gb Total Space | 67,46 Gb Free Space | 49,12% Space Free | Partition Type: NTFS
Computer Name: MICHA-PC | User Name: Micha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Micha\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - c:\Programme\McAfee\SiteAdvisor\saUI.exe (McAfee, Inc.)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\McAfee\Supportability\MVT\MvtApp.exe (McAfee, Inc.)
PRC - C:\Windows\System32\rpcnet.exe (Absolute Software Corp.)
PRC - C:\Windows\System32\mfevtps.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\Mcafee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\MSC\McAPExe.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\Mcafee\Platform\McUICnt.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\Mcafee\AMCore\mcshield.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\TortoiseSVN\bin\TSVNCache.exe (hxxp://tortoisesvn.net)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\M-AudioTaskBarIcon.exe (Avid Technology, Inc.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\ASUS\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Media\DMedia.exe (ASUS)
PRC - C:\Programme\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.)
PRC - C:\Programme\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Programme\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Native Instruments GmbH)
PRC - C:\Programme\ASUS\ASUS CopyProtect\ASPG.exe (ASUS)
PRC - C:\Programme\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
PRC - C:\Programme\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\Programme\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Programme\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Programme\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Programme\ASUS\Net4Switch\Net4Switch.exe (ASUS)
PRC - C:\Programme\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Programme\ASUS\NB Probe\SPM\spmgr.exe ()
PRC - C:\Programme\Wireless Console 2\wcourier.exe ()
PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Programme\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\System32\CmdLineExt03.dll ()
MOD - C:\Programme\ASUS\Net4Switch\ipswsysmon.dll ()
MOD - C:\Programme\ASUS\Net4Switch\ipsw_cfgmgr.dll ()
MOD - C:\Programme\ASUS\Net4Switch\LogonStartup.dll ()
MOD - C:\Programme\ASUS\Net4Switch\iphelper.dll ()
MOD - C:\Programme\ASUS\Net4Switch\ipswui.dll ()
MOD - C:\Programme\ASUS\Net4Switch\ipswobj.dll ()
MOD - C:\Programme\ASUS\Net4Switch\ipswhlp.dll ()
MOD - C:\Programme\ASUS\Net4Switch\ipswgblset.dll ()
MOD - C:\Programme\ASUS\Net4Switch\ipswds.dll ()
MOD - C:\Programme\ASUS\Net4Switch\ipswcore.dll ()
MOD - C:\Programme\ASUS\Net4Switch\cxcmrt.dll ()
MOD - C:\Programme\ASUS\Net4Switch\ipswresmgr.dll ()
MOD - C:\Programme\ASUS\Splendid\GLCDdll.dll ()
MOD - C:\Programme\ASUS\ASUS Live Update\ALU.exe ()
MOD - C:\Programme\ASUS\Net4Switch\ResItf.dll ()
MOD - C:\Programme\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll ()
MOD - C:\Programme\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll ()
========== Services (SafeList) ==========
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (rpcnet) -- C:\Windows\System32\rpcnet.exe (Absolute Software Corp.)
SRV - (mfevtp) -- C:\Windows\System32\mfevtps.exe (McAfee, Inc.)
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV - (McProxy) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcpltsvc) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (HomeNetSvc) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mfecore) -- C:\Programme\Common Files\Mcafee\AMCore\mcshield.exe (McAfee, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (NIHardwareService) -- C:\Programme\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Native Instruments GmbH)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Programme\ASUS\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (ADSMService) -- C:\Programme\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
SRV - (ATKGFNEXSrv) -- C:\Programme\ATKGFNEX\GFNEXSrv.exe ()
SRV - (spmgr) -- C:\Programme\ASUS\NB Probe\SPM\spmgr.exe ()
========== Driver Services (SafeList) ==========
DRV - (mfeavfk01) -- File not found
DRV - (ipswuio) -- System32\DRIVERS\ipswuio.sys File not found
DRV - (IntcAzAudAddService) -- system32\drivers\RTKVHDA.sys File not found
DRV - (catchme) -- C:\Users\Micha\AppData\Local\Temp\catchme.sys File not found
DRV - (am7rsanf) -- File not found
DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.)
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mfencbdc) -- C:\Windows\System32\drivers\mfencbdc.sys (McAfee, Inc.)
DRV - (mfencrk) -- C:\Windows\System32\drivers\mfencrk.sys (McAfee, Inc.)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (HipShieldK) -- C:\Windows\System32\drivers\HipShieldK.sys (McAfee, Inc.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (MAUSBFASTTRACK) -- C:\Windows\System32\drivers\MAudioFastTrack.sys (Avid Technology, Inc.)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (ASUSTek Computer Inc)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.)
DRV - (lullaby) -- C:\Windows\System32\drivers\lullaby.sys (Windows (R) Win 7 DDK provider)
DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ASUS)
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (ghaio) -- C:\Programme\ASUS\NB Probe\SPM\ghaio.sys ()
DRV - (ASMMAP) -- C:\Programme\ATKGFNEX\ASMMAP.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\..\SearchScopes\{79E664B5-9BE4-4794-8FA9-93106D142C5E}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.facebook.com/"
FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.8.4
FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.6.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012.12.20 18:02:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.12.17 20:36:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.11 21:05:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.11 21:04:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.11 21:05:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.11 21:04:58 | 000,000,000 | ---D | M]
[2010.01.26 18:37:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Micha\AppData\Roaming\mozilla\Extensions
[2010.01.26 18:37:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Micha\AppData\Roaming\mozilla\Extensions\{a79fe89b-6662-4ff4-8e88-09950ad4dfde}
[2013.01.08 21:17:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Micha\AppData\Roaming\mozilla\Firefox\Profiles\749obg49.default\extensions
[2011.06.30 11:38:18 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Micha\AppData\Roaming\mozilla\Firefox\Profiles\749obg49.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2013.01.08 21:17:16 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Micha\AppData\Roaming\mozilla\Firefox\Profiles\749obg49.default\extensions\firefox@ghostery.com
[2012.11.15 19:54:29 | 000,328,449 | ---- | M] () (No name found) -- C:\Users\Micha\AppData\Roaming\mozilla\firefox\profiles\749obg49.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi
[2012.01.23 18:24:07 | 000,001,107 | ---- | M] () -- C:\Users\Micha\AppData\Roaming\mozilla\firefox\profiles\749obg49.default\searchplugins\dictcc-en-de-pocket.xml
[2013.01.13 03:57:40 | 000,001,398 | ---- | M] () -- C:\Users\Micha\AppData\Roaming\mozilla\firefox\profiles\749obg49.default\searchplugins\dictcc-en-de.xml
[2013.01.13 03:57:39 | 000,000,947 | ---- | M] () -- C:\Users\Micha\AppData\Roaming\mozilla\firefox\profiles\749obg49.default\searchplugins\icqplugin.xml
[2013.01.11 21:04:49 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.12.20 18:02:54 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2013.01.11 21:05:16 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.04.20 17:01:36 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.17 13:01:27 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.04.20 17:01:36 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.20 17:01:36 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.20 22:42:30 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012.04.20 17:01:36 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.20 17:01:36 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2012.07.13 09:32:53 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O4 - HKLM..\Run: [ADSMTray] C:\Programme\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [AmIcoSinglun] C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Programme\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Programme\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [DivXMediaServer] C:\Programme\DivX\DivX Media Server\DivXMediaServer.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Programme\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [M-Audio Taskbar Icon] C:\Windows\System32\M-AudioTaskBarIcon.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 File not found
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-2346782842-2880189148-1154082226-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2346782842-2880189148-1154082226-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2346782842-2880189148-1154082226-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{13866C12-7E69-4E54-A0E2-F6B2B7E9BB7F}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.01.13 21:56:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Micha\Desktop\OTL.exe
[2013.01.13 19:41:47 | 000,000,000 | ---D | C] -- C:\Users\Micha\AppData\Roaming\McAfee
[2013.01.13 13:47:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.01.13 13:47:23 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.01.13 13:47:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.01.13 13:47:12 | 000,000,000 | ---D | C] -- C:\Users\Micha\AppData\Local\Programs
[2013.01.13 13:46:20 | 010,156,344 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Micha\Desktop\mbam-setup-1.70.0.1100.exe
[2013.01.13 13:11:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013.01.12 14:47:36 | 000,000,000 | ---D | C] -- C:\Users\Micha\AppData\Roaming\NVIDIA
[2013.01.11 21:04:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.01.08 21:21:51 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2013.01.08 21:21:32 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc-nz.rs
[2013.01.08 21:21:31 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\System32\fpb.rs
[2013.01.08 21:21:31 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\System32\csrr.rs
[2013.01.08 21:21:31 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\System32\cob-au.rs
[2013.01.08 21:21:30 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\System32\pegibbfc.rs
[2013.01.08 21:21:30 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\System32\usk.rs
[2013.01.08 21:21:30 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs
[2013.01.08 21:21:30 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\System32\djctq.rs
[2013.01.08 21:21:29 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2013.01.08 21:21:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-pt.rs
[2013.01.08 21:21:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi.rs
[2013.01.08 21:21:28 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
[2013.01.08 21:21:23 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs
[2013.01.08 21:21:22 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\System32\cero.rs
[2013.01.08 21:21:22 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc.rs
[2013.01.08 21:21:22 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-fi.rs
[2013.01.08 21:20:00 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.01.08 21:19:39 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013.01.08 21:19:38 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2013.01.08 21:19:36 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013.01.08 21:19:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.08 21:19:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.08 21:19:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.08 21:19:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013.01.08 21:19:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013.01.08 21:19:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.08 21:19:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013.01.08 21:19:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.08 21:19:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.08 21:19:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013.01.08 21:19:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013.01.08 21:19:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.08 21:19:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.08 21:19:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.08 21:19:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013.01.08 21:19:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013.01.08 21:19:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013.01.08 21:19:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013.01.08 21:19:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.08 21:19:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013.01.08 21:19:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.08 21:19:30 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.08 21:19:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.08 21:19:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013.01.08 21:19:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.08 21:19:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013.01.08 21:19:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013.01.08 21:18:25 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2013.01.08 20:40:44 | 000,147,472 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\HipShieldK.sys
[2013.01.08 20:38:06 | 000,167,344 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
[2012.12.22 17:59:04 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.22 17:59:04 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.17 20:37:59 | 000,000,000 | ---D | C] -- C:\Users\Micha\AppData\Local\DDMSettings
[2010.10.24 13:17:58 | 009,535,488 | ---- | C] (Softube) -- C:\Program Files\Tube Delay.dll
[2008.08.11 21:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files\Common Files\MSIactionall.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.01.13 22:03:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.13 21:56:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Micha\Desktop\OTL.exe
[2013.01.13 21:42:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.13 20:42:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.13 13:47:35 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.01.13 13:46:41 | 010,156,344 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Micha\Desktop\mbam-setup-1.70.0.1100.exe
[2013.01.13 13:11:12 | 000,014,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.13 13:11:12 | 000,014,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.13 13:03:59 | 000,017,408 | ---- | M] () -- C:\Windows\System32\rpcnetp.exe
[2013.01.13 13:03:57 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.dll
[2013.01.13 13:03:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.13 13:03:43 | 2415,345,664 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.12 17:21:29 | 000,000,671 | ---- | M] () -- C:\Users\Micha\Micha - Verknüpfung.lnk
[2013.01.08 21:48:00 | 000,292,672 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.01.08 21:28:00 | 000,664,868 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.01.08 21:28:00 | 000,625,010 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.01.08 21:28:00 | 000,135,004 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.01.08 21:28:00 | 000,110,648 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.01.08 21:03:53 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.01.08 21:03:53 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.12.16 15:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.16 15:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.01.13 13:47:35 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.01.12 17:21:29 | 000,000,671 | ---- | C] () -- C:\Users\Micha\Micha - Verknüpfung.lnk
[2013.01.08 20:40:15 | 000,002,641 | ---- | C] () -- C:\Windows\System32\drivers\mfencrk.inf
[2013.01.08 20:40:14 | 000,002,946 | ---- | C] () -- C:\Windows\System32\drivers\mfencbdc.inf
[2012.08.30 09:40:14 | 000,429,416 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2012.07.23 16:14:53 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.07.23 16:14:53 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.07.23 16:14:53 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.07.23 16:14:53 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.07.23 16:14:53 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.07.19 19:18:16 | 000,000,209 | ---- | C] () -- C:\Windows\RomeTW.ini
[2012.07.08 19:04:12 | 004,503,728 | ---- | C] () -- C:\ProgramData\go_0molg.pad
[2012.05.22 23:47:22 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011.10.01 08:48:09 | 000,007,599 | ---- | C] () -- C:\Users\Micha\AppData\Local\Resmon.ResmonCfg
[2011.09.18 01:24:06 | 000,000,218 | ---- | C] () -- C:\Users\Micha\.recently-used.xbel
[2011.08.19 13:48:01 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2011.04.30 23:42:50 | 000,668,160 | ---- | C] () -- C:\Windows\System32\autochk.exe
[2011.04.06 15:22:05 | 000,004,608 | ---- | C] () -- C:\Users\Micha\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.27 19:46:50 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.04.08 10:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll
[2008.05.22 08:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg
========== ZeroAccess Check ==========
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report > Danke für die Geduld :) |